package com.qf.chinatelcon.apigateway.filter;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import com.qf.chinatelcon.apigateway.feign.CacheService;
import com.qianfeng.smsplatform.common.constants.CacheConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
import org.springframework.stereotype.Component;
import org.springframework.util.DigestUtils;
import org.springframework.util.ObjectUtils;

import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.util.Map;

@Component
public class SignFilter extends ZuulFilter {
    private CacheService cacheService;

    @Autowired
    public void setCacheService(CacheService cacheService) {
        this.cacheService = cacheService;
    }

    @Override
    public String filterType() {
        return FilterConstants.PRE_TYPE;
    }

    @Override
    public int filterOrder() {
        return FilterConstants.PRE_DECORATION_FILTER_ORDER + 12;
    }

    @Override
    public boolean shouldFilter() {
        RequestContext context = RequestContext.getCurrentContext();
        return context.sendZuulResponse();
    }

    @Override
    public Object run() throws ZuulException {
        //获取到用户的参数
        RequestContext context = RequestContext.getCurrentContext();
        HttpServletRequest request = context.getRequest();
        Map<String, String[]> parameterMap = request.getParameterMap();//获取到用户的参数
        //获取用户计算签名的密钥
        //拼接密钥
        //signkey是我们在数据库中后加的参数，加上就相当于是密钥了
        // name=zhangsan,lisi,wangwu
        // name=zhangsan&name=lisi&name=wangwu
        StringBuffer stringBuffer = new StringBuffer();
        parameterMap.forEach((key, value) -> {
            if (!ObjectUtils.isEmpty(value) && !"sign".equalsIgnoreCase(key)) {
                for (String s : value) {
                    stringBuffer.append(key).append("=").append(s).append("&");
                }
            }
        });
        String clientId = request.getParameter("clientId");//获取当前用户的id
        //获取用户计算签名的密钥
        String signkey = cacheService.hGet(CacheConstants.CACHE_PREFIX_CLIENT + clientId, "signkey");
        stringBuffer.append("key=").append(signkey);//将密钥拼接成字符串，与上边的字符串拼接到一起
        String s = stringBuffer.toString();//将stringbuffer包装类中的数据，转换成字符串
        System.err.println(s);
        String md5DigestAsHex = DigestUtils.md5DigestAsHex(s.getBytes(StandardCharsets.UTF_8));//计算他的md5值
        System.err.println("计算出来的签名"+md5DigestAsHex);
        String sign = request.getParameter("sign");//获取到当前用户传递过来的签名
        if (!sign.equalsIgnoreCase(md5DigestAsHex)) {//判断签名，如果签名不正确的话，给用户返回错误信息
            context.setSendZuulResponse(false);
            context.setResponseBody("签名不一致，请求数据可能被篡改");
            context.addZuulResponseHeader("content-Type", "text/html;charset=utf-8");
        }
        //比较
        return null;
    }
}
